  /**
   * Parses the security-constraint, security-role and login-config elements out of web.xml and
   * registers them on the web app.
   *
   * @param rootElement web.xml root element
   * @param webApp web app for web.xml
   */
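  private static void parseSecurity(final Element rootElement, final WebApp webApp) {
    // --- security-constraint: which URLs need authentication, roles and a transport guarantee ---
    final Element[] securityConstraint = getChildren(rootElement, "security-constraint");

    if (securityConstraint != null && securityConstraint.length > 0) {
      try {
        for (Element scElement : securityConstraint) {
          final WebAppSecurityConstraint webSecurityConstraint = new WebAppSecurityConstraint();

          // The presence of auth-constraint alone switches authentication on; role-name children
          // are optional and only narrow it down.
          final Element authConstraintElement = getChild(scElement, "auth-constraint");
          if (authConstraintElement != null) {
            webSecurityConstraint.setAuthenticate(true);
            final Element[] roleElemnts = getChildren(authConstraintElement, "role-name");
            if (roleElemnts != null) {
              for (Element roleElement : roleElemnts) {
                webSecurityConstraint.addRole(getTextContent(roleElement));
              }
            }
          }

          final Element userDataConstraintsElement = getChild(scElement, "user-data-constraint");
          if (userDataConstraintsElement != null) {
            // Upper-case with Locale.ROOT: with a default locale that has special casing rules
            // (e.g. Turkish dotted/dotless i) "confidential" does not become "CONFIDENTIAL", and
            // a later comparison against the standard guarantee names could silently fail to
            // match, leaving the transport guarantee unenforced.
            // A user-data-constraint without transport-guarantee is not guarded against here; if
            // getTextContent returns null for it, this line throws rather than dropping the
            // constraint quietly.
            String guarantee =
                getTextContent(getChild(userDataConstraintsElement, "transport-guarantee"))
                    .trim()
                    .toUpperCase(java.util.Locale.ROOT);
            webSecurityConstraint.setDataConstraint(guarantee);
          }

          final Element[] webResourceElements = getChildren(scElement, "web-resource-collection");
          if (webResourceElements != null) {
            for (Element webResourceElement : webResourceElements) {
              // One clone per web-resource-collection, shared by all of its URL mappings.
              WebAppSecurityConstraint sc =
                  (WebAppSecurityConstraint) webSecurityConstraint.clone();

              String constraintName =
                  getTextContent(getChild(webResourceElement, "web-resource-name"));

              Element[] urlPatternElemnts = getChildren(webResourceElement, "url-pattern");
              if (urlPatternElemnts == null) {
                // Same null tolerance as the other getChildren results in this method.
                continue;
              }
              for (Element urlPattern : urlPatternElemnts) {
                // A fresh mapping per url-pattern. Re-using one instance for every pattern and
                // registering it repeatedly would leave all registrations pointing at the last
                // URL whenever addConstraintMapping keeps the reference, so the earlier patterns
                // of the collection would end up without a constraint.
                WebAppConstraintMapping webConstraintMapping = new WebAppConstraintMapping();
                webConstraintMapping.setConstraintName(constraintName);

                String url = getTextContent(urlPattern);

                // NOTE(review): in the deployment descriptor schema http-method is a child of
                // web-resource-collection (a sibling of url-pattern), so this lookup under the
                // url-pattern element presumably never matches and the mapping is registered
                // without a method restriction. If the lookup is moved to webResourceElement,
                // this loop must also create one mapping per method: as written each iteration
                // overwrites the previous method on the same mapping.
                Element[] httpMethodElements = getChildren(urlPattern, "http-method");
                if (httpMethodElements != null && httpMethodElements.length > 0) {
                  for (Element httpMethodElement : httpMethodElements) {
                    webConstraintMapping.setMapping(getTextContent(httpMethodElement));
                    webConstraintMapping.setUrl(url);
                    webConstraintMapping.setSecurityConstraints(sc);
                  }
                } else {
                  webConstraintMapping.setUrl(url);
                  webConstraintMapping.setSecurityConstraints(sc);
                }

                webApp.addConstraintMapping(webConstraintMapping);
              }
            }
          }
        }
      } catch (CloneNotSupportedException e) {
        // NOTE(review): this leaves the loop, so the current and all following
        // security-constraint elements are not registered while parsing continues below.
        // That is fail-open for the affected URLs; consider rejecting the descriptor instead.
        LOG.warn(
            "Could not clone security constraint; "
                + "remaining security-constraint elements of web.xml were not registered",
            e);
      }
    }

    // --- security-role: the role names the application declares ---
    final Element[] securityRoleElements = getChildren(rootElement, "security-role");

    if (securityRoleElements != null) {
      for (Element securityRoleElement : securityRoleElements) {
        final WebAppSecurityRole webSecurityRole = new WebAppSecurityRole();

        Element[] roleElements = getChildren(securityRoleElement, "role-name");
        if (roleElements != null) {
          for (Element roleElement : roleElements) {
            webSecurityRole.addRoleName(getTextContent(roleElement));
          }
        }
        // Registered even when it carries no role-name children.
        webApp.addSecurityRole(webSecurityRole);
      }
    }

    // --- login-config: authentication method, realm and (for FORM) the login/error pages ---
    final Element[] loginConfigElements = getChildren(rootElement, "login-config");
    if (loginConfigElements != null) {
      for (Element loginConfigElement : loginConfigElements) {
        final WebAppLoginConfig webLoginConfig = new WebAppLoginConfig();
        webLoginConfig.setAuthMethod(getTextContent(getChild(loginConfigElement, "auth-method")));

        // A missing realm-name falls back to the realm called "default".
        String realmName = getTextContent(getChild(loginConfigElement, "realm-name"));
        webLoginConfig.setRealmName(realmName == null ? "default" : realmName);

        if ("FORM".equalsIgnoreCase(webLoginConfig.getAuthMethod())) {
          // FORM authentication: pick up the login and error pages.
          // NOTE(review): formLoginConfigElement is null when FORM is declared without a
          // form-login-config element; whether getChild accepts a null parent is not visible
          // here - confirm, and decide whether such a descriptor should be rejected.
          Element formLoginConfigElement = getChild(loginConfigElement, "form-login-config");
          webLoginConfig.setFormLoginPage(
              getTextContent(getChild(formLoginConfigElement, "form-login-page")));
          webLoginConfig.setFormErrorPage(
              getTextContent(getChild(formLoginConfigElement, "form-error-page")));
        }
        webApp.addLoginConfig(webLoginConfig);
      }
    }
  }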